ISOC

Vilafranca del Penedès, Spain
Vilafranca del Penedès, Spain
SEARCH FILTERS
Time filter
Source Type

SAN FRANCISCO, CA--(Marketwired - May 4, 2017) - The Latin American and Caribbean Network Operators Group (LACNOG) has chartered a new working group to serve as a regional voice in the global anti-abuse community. The new LAC Anti-Abuse Working Group (LAC-AAWG) will convene experts from regional network operator communities and the global Messaging, Malware and Mobile Anti-Abuse Working Group to encourage industry dialogue, develop recommendations and advance best practices for safeguarding online activities. LAC-AAWG will hold its first face-to-face meeting at LACNIC 27 in Foz do Iguaçu, Brazil, May 22-26, where it is partnering with M3AAWG to organize trusted, open-discussion sessions on anti-abuse issues and best practices. These sessions are being coordinated by LAC-AAWG founding chairs Lucimara Desiderá, security analyst at CERT.br (Brazilian National Computer Emergency Response Team) which is maintained by the Brazilian Network Information Center (NIC.br), and Christian O'Flaherty, ISOC senior development manager for Latin America and the Caribbean. "LAC-AAWG was created to be a place where regional network operators and anti-abuse experts can share their concerns about current and emerging online threats, discuss processes validated by their peers to reduce abuse, and develop best practices that address both local and global issues. The concept is that local involvement is essential to consider our specificities and global engagement is necessary to stay abreast of the latest threats traversing the internet and to help develop operations that will mitigate them," Desiderá said. Since its founding in 2004, M3AAWG has emphasized the importance of global cooperation within the online community in fighting spam, phishing, fraud and other cybercrime and has worked to provide a trusted venue where security and policy experts can share information. Participants from 26 countries attended the four-day M3AAWG 39th General Meeting in San Francisco in February and its annual European meeting will be June 12-15 in Lisbon, Portugal. Last year, M3AAWG began to explore means to improve collaboration with the LAC operator communities. As a result, LACNIC (the LAC Network Information Center) and M3AAWG formed a partnership to share expertise and information that could reduce regional and global abuse. The development of LAC-AAWG as an independent working group within LACNOG is one outcome of those efforts. The partnership also has paved the way for M3AAWG members to provide training on hosting anti-abuse operations and to work with the regional community on anti-abuse best practices. M3AAWG Chairman Severin Walker said, "Because cyber criminals ignore borders and only care about scamming the targeted victims, the reality is that we all face similar threats and malware. There is no question that online security and abuse are both local and international issues. We applaud LACNOG, and appreciate the efforts of LACNIC, in creating this new forum as a model of local participation and global engagement. It is a resourceful approach that could be effectively applied in other regions." About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.m3aawg.org) members represent more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers. M3AAWG Board of Directors: AT&T; CenturyLink; Cloudmark, Inc.; Comcast; dotmailer; Endurance International Group; Facebook; Google; LinkedIn; Mailchimp; Microsoft Corp.; Orange; Rackspace; Return Path; SendGrid, Inc.; Vade Secure; and Yahoo Inc. M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; Agora, Inc.; AOL; Campaign Monitor Pty.; Cisco Systems, Inc.; CloudFlare; Dyn; Exact Target, Inc.; IBM; iContact; Intel Security; Internet Initiative Japan; Liberty Global; Listrak; Litmus; Mimecast; Nominum, Inc.; Oracle Marketing Cloud; OVH; PayPal; Proofpoint; Spamhaus; Sparkpost; Sprint; Symantec; and USAA. A complete member list is available at http://www.m3aawg.org/about/roster.


SAN FRANCISCO, Kalifornien, USA--(Marketwired - May 5, 2017) - Die Latin American and Caribbean Network Operators Group (LACNOG) hat eine neue Arbeitsgruppe gegründet, die als regionale Stimme in der weltweiten Community zur Missbrauchsbekämpfung fungieren wird. Die neue LAC Anti-Abuse Working Group (LAC-AAWG) wird Experten aus den Communitys der regionalen Netzbetreiber und der global agierenden Messaging, Malware and Mobile Anti-Abuse Working Group zusammenrufen, um den Branchendialog zu fördern, Empfehlungen zu erarbeiten und die Verbreitung bewährter Vorgehensweisen zu unterstützen. LAC-AAWG wird das erste persönliche Treffen vom 22. bis zum 26. Mai in LACNIC 27 in Foz do Iguaçu, Brasilien, abhalten Bei diesem Treffen wird die Arbeitsgruppe gemeinsam mit M3AAWG in einem vertrauenswürdigen Rahmen offene Gesprächsrunden über Probleme und bewährte Vorgehensweisen in der Missbrauchsbekämpfung organisieren. Koordiniert werden diese Gesprächsrunden von den LAC-AAWG-Gründungsvorständen Lucimara Desiderá, Wertpapieranalystin bei CERT.br (brasilianische Computer Emergency Response Team), das vom brasilianischen Network Information Center (NIC.br) unterhalten wird, und Christian O'Flaherty, ISOC Senior Development Manager für Lateinamerika und die Karibik. „LAC-AAWG wurde als ein Ort geschaffen, an dem regionale Netzbetreiber und Experten im Bereich Missbrauchsbekämpfung sich über ihre Befürchtungen in Bezug auf aktuelle und aufkommende Online-Bedrohungen austauschen, von ihren Kollegen validierte Verfahren zur Eindämmung von Missbrauch diskutieren und bewährte Vorgehensweisen entwickeln können, die sich sowohl lokalen als auch globalen Problemen widmen. Die zugrunde liegende Idee ist, dass lokale Mitwirkung unerlässlich ist, um unsere regionalen Eigenheiten zu berücksichtigen, und globales Engagement ist erforderlich, um über die neuesten, im Internet kursierenden Bedrohungen auf dem Laufenden zu bleiben und die Entwicklung von Aktionen zu ihrer Abwehr zu unterstützen“, so Desiderá. Seit ihrer Gründung im Jahr 2004 hat die M3AAWG betont, wie wichtig eine globale Zusammenarbeit innerhalb der Online-Community im Kampf gegen Spam, Phishing, Betrug und sonstige Cyberkriminalität ist, und hat daran gearbeitet, einen sicheren Veranstaltungsort bereitzustellen, wo Sicherheits- und Richtlinienexperten Informationen austauschen können. Teilnehmer aus 26 Ländern nahmen im Februar an dem viertägigen 39. General Meeting der M3AAWG in San Francisco teil, und vom 12. bis zum 15. Juni wird in Lissabon, Portugal, ihr jährliches europäisches Treffen stattfinden. Die Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) ist die Schnittstelle, an der die Branche zusammenkommt, um gemeinsam gegen Bots, Malware, Spam, Viren, Denial-of-Service-Attacken und andere Online-Angriffe vorzugehen. Die Mitglieder der M3AAWG (www.m3aawg.org) repräsentieren über eine Milliarde Mailboxen einiger der größten Netzbetreiber weltweit. Dabei nutzt die Vereinigung die Fachkenntnis und Erfahrung ihrer weltweiten Mitglieder, um mithilfe von Technologie, Zusammenarbeit und Ordre public gegen den Missbrauch bereits bestehender Netzwerke und neuer Dienste vorzugehen. Sie informiert darüber hinaus Entscheidungsträger weltweit über technische und operative Probleme im Zusammenhang mit Online-Missbrauch und Messaging. Die M3AAWG hat ihren Hauptsitz in San Francisco im US-Bundesstaat Kalifornien und wird durch die Anforderungen des Marktes gelenkt sowie von den führenden Netzwerkbetreibern und Anbietern von Messaging-Services unterstützt. M3AAWG-Vorstand: AT&T, CenturyLink; Cloudmark, Inc.; Comcast; dotmailer; Endurance International Group; Facebook; Google; LinkedIn; Mailchimp; Microsoft Corp.; Orange; Rackspace; Return Path; SendGrid, Inc.; Vade Secure und Yahoo Inc. M3AAWG-Vollmitglieder: 1&1 Internet AG; Adobe Systems Inc.; Agora, Inc.; AOL; Campaign Monitor Pty.; Cisco Systems, Inc.; CloudFlare; Dyn; Exact Target, Inc.; IBM; iContact; Intel Security; Internet Initiative Japan; Liberty Global; Listrak; Litmus; Mimecast; Nominum, Inc.; Oracle Marketing Cloud; OVH; PayPal; Proofpoint; Spamhaus; Sparkpost; Sprint; Symantec und USAA.


SAN FRANCISCO, Californie--(Marketwired - May 5, 2017) - Le Groupe d'opérateurs de réseaux d'Amérique latine et des Caraïbes (LACNOG) a établi un nouveau groupe de travail visant à servir de voix régionale dans la communauté mondiale de la lutte contre les abus. Le Groupe de travail portant sur la lutte contre les abus d'Amérique latine et des Caraïbes (LAC-AAWG) convoquera des experts des communautés régionales d'opérateurs de réseaux et du Groupe de travail portant sur la messagerie, les logiciels malveillants et la lutte contre les abus par voie mobile pour encourager le dialogue dans le secteur, développer des recommandations et promouvoir les meilleures pratiques de protection des activités en ligne. Le LAC-AAWG tiendra sa première assemblée en personne lors de LACNIC 27 à Foz do Iguaçu, au Brésil, du 22 au 26 mai, où il fait équipe avec le M3AAWG pour organiser des séances de discussions ouvertes et fiables sur les questions de lutte contre les abus et les meilleures pratiques. Ces séances sont coordonnées par les présidents et fondateurs du LAC-AAWG, Lucimara Desiderá, analyste de la sécurité de CERT.br (Centre national d'alerte et de réaction aux attaques informatiques du Brésil), qui est maintenu par le Centre d'informations réseau brésilien (NIC.br), et Christian O'Flaherty, responsable du développement sénior de l'ISOC pour l'Amérique latine et les Caraïbes. « Le LAC-AAWG a été créé pour permettre aux opérateurs de réseaux régionaux et aux experts de la lutte contre les abus de partager leurs préoccupations sur les menaces en ligne actuelles et émergentes, discuter des processus validés par leurs pairs afin de réduire les abus et développer des meilleures pratiques traitant les problèmes locaux et mondiaux. Son concept est qu'une implication locale est essentielle pour prendre en considération nos spécificités et qu'un engagement mondial est nécessaire pour rester au courant des toutes dernières menaces traversant Internet et aider à développer des opérations qui les réduiront », a déclaré Mme Desiderá. Depuis sa création en 2004, le M3AAWG insiste sur l'importance d'une coopération mondiale au sein de la communauté en ligne afin de combattre les spams, le hameçonnage, la fraude et les autres cybercrimes, et s'efforce de fournir un pôle de confiance où les experts en politiques et en sécurité peuvent partager des informations. Des participants de 26 pays ont assisté à la 39e Assemblée générale de quatre jours du M3AAWG tenue à San Francisco en février et son assemblée européenne annuelle se déroulera du 12 au 15 juin à Lisbonne, au Portugal. L'année dernière, le M3AAWG a commencé à chercher des moyens d'améliorer la collaboration avec les communautés d'opérateurs d'Amérique latine et des Caraïbes. Résultat : le LACNIC (Centre d'informations réseau d'Amérique latine et des Caraïbes) et le M3AAWG ont formé un partenariat afin de partager de l'expertise et des informations pouvant réduire l'abus régional et mondial. Le développement du LAC-AAWG en tant que groupe de travail indépendant au sein du LACNOG est l'un des résultats de ces efforts. Ce partenariat a aussi ouvert la voie aux membres du M3AAWG pour fournir des formations sur l'hébergement d'opérations de lutte contre les abus et travailler avec les communautés régionales sur les meilleures pratiques. Severin Walker, présidente du M3AAWG, a déclaré : « Comme les cyber-criminels ignorent les frontières et ne se préoccupent que d'escroquer les victimes ciblées, la réalité est que nous faisons tous face à des logiciels malveillants et menaces semblables. Il va sans dire que les abus et la sécurité en ligne sont des problèmes à la fois locaux et internationaux. Nous applaudissons le LACNOG, et apprécions les efforts du LACNIC, pour la création de ce nouveau forum servant de modèle de participation locale et d'engagement mondial. Il s'agit d'une approche ingénieuse qui pourrait efficacement être appliquée à d'autres régions. » À propos du M3AAWG (Groupe de travail portant sur la messagerie, les logiciels malveillants et la lutte contre les abus par voie mobile) Le Groupe de travail portant sur la messagerie, les logiciels malveillants et la lutte contre les abus par voie mobile (M3AAWG) rassemble les acteurs du secteur pour lutter d'une voix unie contre les bots, les logiciels malveillants, les spams, les virus, les attaques par déni de service et d'autres cas de cyberexploitation. Le M3AAWG (www.m3aawg.org) représente plus d'un milliard de boîtes de réception appartenant à certains des plus grands opérateurs de réseaux du monde. Le groupe s'appuie sur le sérieux et l'expérience de ses membres à travers le monde pour s'attaquer aux abus sur les réseaux existants et au sein des nouveaux services émergents en exploitant la technologie, la collaboration et les politiques publiques. Ce dernier se consacre également à la sensibilisation des décideurs mondiaux aux questions techniques et opérationnelles liées à la messagerie et l'abus en ligne. Basé à San Francisco, en Californie, le M3AAWG est axé sur les besoins du marché et soutenu par de grands opérateurs de réseaux et des fournisseurs de messagerie. Une liste complète des membres est disponible à l'adresse http://www.m3aawg.org/about/roster.


News Article | May 11, 2017
Site: phys.org

On April 12, one of the spacecraft's instruments – the Large Area Telescope (LAT), which was conceived of and assembled at the Department of Energy's SLAC National Accelerator Laboratory – detected its billionth extraterrestrial gamma ray. Since gamma rays are often produced in violent processes, their observation sheds light on extreme cosmic environments, such as powerful star explosions, high-speed particle jets spewed out by supermassive black holes, and ultradense neutron stars spinning unimaginably fast. Gamma rays could also be telltale signs of dark matter particles – hypothetical components of invisible dark matter, which accounts for 85 percent of all matter in the universe. "Since Fermi's launch in 2008, the LAT has made a number of important discoveries of gamma-ray emissions from exotic sources in our galaxy and beyond," says Robert Cameron, head of the LAT Instrument Science Operations Center (ISOC) at SLAC. The LAT has already collected hundreds of times more gamma rays than the previous-generation EGRET instrument on NASA's Compton Gamma-ray Observatory – an advance that has tremendously deepened insights into the production of this energetic radiation. Among the LAT discoveries are more than 200 pulsars – rapidly rotating, highly magnetized cores of collapsed stars that were up to 30 times more massive than the sun. Before Fermi's launch, only seven of these objects were known to emit gamma rays. As pulsars spin around their axis, they emit "beams" of gamma rays like cosmic lighthouses. Many pulsars rotate several hundred times per second – that's tens of millions times faster than Earth's rotation. "Understanding pulsars tells us about the evolution of stars because they are one possible end point in a star's life," Cameron says. "The LAT data have led us to totally revise our understanding of how pulsars emit gamma rays." The LAT has also shown for the first time that novae – thermonuclear explosions on the surface of stars that have accumulated material from neighboring stars – can emit gamma rays. These data provide new details about the physics of burning stars, which is a crucial process for the synthesis of chemical elements in the universe. Even more exotic gamma-ray sources detected by the LAT are microquasars. These objects are star-sized analogs of active galactic nuclei, with gas spinning around a black hole at the center. As the black hole devours matter from its surroundings, it ejects jets of charged particles traveling almost as fast as light into space, generating beams of gamma rays in the process. At a galactic scale, such an ejection mechanism could have produced what is known as the Fermi bubbles – two giant areas above and below the center of the disk of our Milky Way galaxy that shine in gamma rays. Discovered by the LAT in 2010, these bubbles suggest that the supermassive black hole at the center of our galaxy once was more active than it is today. Researchers also use the LAT to search for signs of dark matter particles in the central regions of the Milky Way and other galaxies. Theories predict that the hypothetical particles would produce gamma rays when they decay or collide and destroy each other. "With the sensitivity we have achieved with the LAT, we should in principle be able to see such dark matter signatures," says SLAC's Seth Digel, who leads the Fermi group at the Kavli Institute for Particle Astrophysics and Cosmology (KIPAC), a joint institute of Stanford University and SLAC. "But we haven't found any conclusive signals yet, and so far the LAT data can also be explained with other astrophysical sources." Finally, the LAT has explored gamma ray sources closer to home, including gamma rays produced by thunderstorms in Earth's atmosphere, by solar flares and even by charged particles hitting the surface of the moon. From its location on Fermi at an altitude of 330 miles, the LAT sees 20 percent of the sky at any given time. Every two orbits – each takes about 95 minutes – the instrument collects the data necessary for a gamma-ray map of the entire sky. But identifying the right signals for the map is a little bit like finding needles in a haystack: For every gamma-ray photon, the LAT sees many more high-energy charged particles, called cosmic rays. Most of these background signals are rejected right away by hardware triggers and software filters in the LAT on Fermi, which reduces the rate of signals from 10,000 to 400 per second. The remaining data are compressed, transmitted back to Earth and sent to NASA's Goddard Space Flight Center in Greenbelt, Maryland, where they get separated into three different datasets for the LAT, the GBM (Fermi's second scientific instrument, which monitors short-lived gamma-ray bursts) and spacecraft data. The LAT data are transferred to the LAT ISOC at SLAC, where 1,000 computer cores automatically analyze the data stream and filter out even more background signals. 70 percent of all detected gamma rays are from Earth's atmosphere, leaving only two to three extraterrestrial gamma-ray signals per second out of the 10,000 initial detector events. These data are then sent back to NASA Goddard, where they are made publicly available for further analysis. "The ISOC receives about 15 deliveries of LAT data throughout the day for a total of 16 gigabytes or three DVDs worth of data every day," Cameron says. "For each delivery, the entire process – from the time the data leave Fermi to the time the gamma rays get deposited in the public archive – takes about four hours." Next year, the Fermi mission will reach its 10-year operations goal. What happens after that will largely depend on funding. "With no successor mission planned, the LAT is in many ways irreplaceable, particularly for studies of low-energy gamma rays," Digel says. "The telescope is still going strong after all these years, and there is a lot of science left to be done." An important new role for the LAT is to search for gamma-ray sources associated with gravitational wave events. These ripples in space-time occur, for example, when two black holes merge into a single one, as recently observed by the LIGO detector. This opens up the completely new field of gravitational wave astrophysics. The LAT ISOC is a department in KIPAC and the Particle Astrophysics and Cosmology Division of SLAC. KIPAC researchers contribute to the international Fermi LAT Collaboration, whose research is funded by NASA and the DOE Office of Science, as well as agencies and institutes in France, Italy, Japan and Sweden. Explore further: Origin of Milky Way's hypothetical dark matter signal may not be so dark


News Article | October 27, 2016
Site: www.greentechmedia.com

The New York Power Authority is already a major user of smart grid technologies. With one of the country’s biggest smart energy R&D labs, big investments to ease the flow of wind power, and its New York Energy Manager platform that’s crunching data from more than 1,000 public buildings, the oldest public power organization is embracing the future. Now it’s turning to General Electric to sensor and analyze its 16 power plants and 1,400 miles of transmission lines as part of a $1 billion investment in asset performance analytics that’s expected to yield $2 billion in savings over the next decade. It’s the biggest system-wide deployment yet for GE’s Predix analytics platform, the software brains behind the company’s “Industrial Internet” of sensored and networked equipment and devices. It will start at four of NYPA’s natural gas-fired peaker plants, with asset performance management (APM) software that will predict failures, conduct preventative maintenance and other efficiency-boosting tasks. But eventually, it will grow to include the integrated smart operations center (ISOC) that NYPA is building, CEO Gil Quiniones said. This central command center for its power plant and grid operations, customer-side operations, and its emergency response coordination will use GE’s Predix platform to tie together the various operations software platforms in use, like the energy management system (EMS) from Alstom Grid, which was acquired by GE. “Think of it as a decision support system in terms of how we run our assets and how we invest in our assets,” Quiniones said. “Largely, we will suck information from our existing EMS and SCADA systems. But we’re also deploying sensors strategically, wherever there’s a data point we need to correlate." Using that data, GE’s software will create “digital twins, or avatars, of each of our pieces of equipment -- our power plants, our substations, our power lines,” he said. These virtual models, built from real-time and historical data, can predict turbine failures days before they occur, or model the likely life remaining in individual parts within a machine to inform maintenance schedules -- items that add significant cost to running power plants. For a typical gas turbine, “our solutions can deliver up to $50 million in net present value,” said Niloy Sanyal, chief marketing officer for GE’s digital power team. GE is already doing a lot of asset analytics at the four power plants where NYPA is starting its project. “Right off the bat, we have about 65 percent coverage to all of their assets," said Sanyal. Future release cycles will bring that coverage up to 80 percent by year’s end, all without new sensors. The “digital twin” is GE’s way of describing the models it builds from “data that’s coming from across the enterprise, not just one source at a time.” The Predix platform, which GE built itself after trying out other big data platforms from Pivotal and other companies, uses physics-based and statistical algorithms to model and predict how assets will perform in real time. GE competitors like Siemens and ABB offer similar asset management systems (AMS), with projects to match the scale of what GE is doing at NYPA. But GE’s software is also “at the heart of the NYPA operations center,” Sanyal said, opening the potential to use the Predix platform’s analytics capabilities for grid assets as well. While that’s not part of the project announced last week, Quiniones said that NYPA plans to roll out the software to all of its 16 power plants, as well as to some transmission lines and substations, over the coming years. That could give it better information on how much capacity it has left on a critical transmission lines when upstate wind power is peaking, or the ability to optimize different power plants based on their relative cost to produce across the course of the day. NYPA is also applying data analytics to the 1,000-and-counting public buildings it’s collecting data on through its Energy Manager platform, Quiniones noted. “I’d say by 2018 or so, we will have developed digital twins, or avatars, of every device in our customers’ premises.” New York is in the midst of transforming its energy sector through its Reforming the Energy Vision initiative -- a regulatory overhaul meant to transform the state’s utilities into platform providers for distributed energy resources (DERs) like solar, batteries, EVs and demand response that could help the state reach its clean energy goals. Utilities like Consolidated Edison and National Grid have pilot projects integrating DERs at the distribution grid level, and are expected to file their plans for providing distribution system services with the state’s Public Services Commission later this year. NYPA doesn’t own or operate distribution grid assets, but as the provider of about one-fifth of the state’s power, it will have a significant role to play in the future envisioned under REV. Once its ISOC is set up, “we’ll have a strategic operations center that will monitor not only the health of our assets, but our communications and software, our cybersecurity, our physical security, and that then can be easily converted into an emergency management and response center," said Quiniones.


News Article | November 23, 2016
Site: phys.org

Luckily, there's a solution: Hypnoguard, powerful new software developed by Concordia University researchers to safeguard data even when computer is in sleep mode. Sweet dreams are made of this "Protecting data is especially difficult when a computer goes to sleep, which happens when a laptop's lid is closed, or after a certain period of user inactivity," explains PhD candidate Lianying Zhao. He explains that if a computer in this mode falls into the wrong hands, a malicious person can extract the data found in the machine's random-access memory (RAM) in a number of technical ways. "It's been a known problem for several years, but no one's proposed a viable way to solve it. Until now." You are getting sleepy ... Zhao developed the Hynoguard system with Mohammad Mannan, an associate professor with the Concordia Institute for Information Systems Engineering., It's designed to protect "data-in-sleep." When installed, the system encrypts the computer's RAM before it enters sleep mode, and then decrypts the data upon waking with hardware-backed uncircumventible user re-authentication. "The entire process is transparent to the user, who simply enters a regular 'unlock' password when the computer wakes up," explains Mannan. "There's almost no impact on usability. For an average computer with eight gigabytes of memory, the process only takes about a second." He and Zhao designed the system by carefully integrating password-based authentication with widely available hardware security features in modern consumer-grade computers. They unveiled their work at the 2016 ACM Conference on Computer and Communications Security this October in Vienna. Coming to a laptop near you Having just filed a provisional US patent for the system, Mannan and Zhao hope that members of the general population as well as corporate and state users will soon be able to use Hypnoguard to protect critical data. "Professionals for whom security is paramount—people like government agents, journalists and businessmen—should benefit the most in terms of protecting secrets in RAM. If their computer is lost or stolen, or if they are forced to reveal their password, Hypnoguard will provide that extra layer of protection. And if it's combined with Gracewipe, another of our security systems, both RAM and disk data will be safe against password guessing and coercion attacks." Explore further: Will the hack of 500 million Yahoo accounts get everyone to protect their passwords? More information: 1. Read the Hypnoguard paper from the ACM Conference proceedings. 2. Read the Gracewipe paper from the ISOC proceedings.


News Article | November 23, 2016
Site: www.eurekalert.org

Montreal, November 23, 2016 -- In the age of WikiLeaks, Russian hacks and increased government surveillance, many computer users are feeling increasingly worried about how best to protect their personal information -- even if they aren't guarding state secrets. Luckily, there's a solution: Hypnoguard, powerful new software developed by Concordia University researchers to safeguard data even when computer is in sleep mode. Sweet dreams are made of this "Protecting data is especially difficult when a computer goes to sleep, which happens when a laptop's lid is closed, or after a certain period of user inactivity," explains PhD candidate Lianying Zhao. He explains that if a computer in this mode falls into the wrong hands, a malicious person can extract the data found in the machine's random-access memory (RAM) in a number of technical ways. "It's been a known problem for several years, but no one's proposed a viable way to solve it. Until now." You are getting sleepy ... Zhao developed the Hynoguard system with Mohammad Mannan, an associate professor with the Concordia Institute for Information Systems Engineering., It's designed to protect "data-in-sleep." When installed, the system encrypts the computer's RAM before it enters sleep mode, and then decrypts the data upon waking with hardware-backed uncircumventible user re-authentication. "The entire process is transparent to the user, who simply enters a regular 'unlock' password when the computer wakes up," explains Mannan. "There's almost no impact on usability. For an average computer with eight gigabytes of memory, the process only takes about a second." He and Zhao designed the system by carefully integrating password-based authentication with widely available hardware security features in modern consumer-grade computers. They unveiled their work at the 2016 ACM Conference on Computer and Communications Security this October in Vienna. Coming to a laptop near you Having just filed a provisional US patent for the system, Mannan and Zhao hope that members of the general population as well as corporate and state users will soon be able to use Hypnoguard to protect critical data. "Professionals for whom security is paramount -- people like government agents, journalists and businessmen -- should benefit the most in terms of protecting secrets in RAM. If their computer is lost or stolen, or if they are forced to reveal their password, Hypnoguard will provide that extra layer of protection. And if it's combined with Gracewipe, another of our security systems, both RAM and disk data will be safe against password guessing and coercion attacks." Read the Hypnoguard paper from the ACM Conference proceedings. Read the Gracewipe paper from the ISOC proceedings.

Loading ISOC collaborators
Loading ISOC collaborators